1. Technical Field
The present disclosure relates to a data processing method and a data processing device.
2. Description of the Related Art
In the related art, the handing of various pieces of information and various pieces of data that are stored in an electronic medium is regarded as important, and a security technology for managing data is attracting attention. Security technologies include, for example, a data encryption technology and a secret sharing scheme (hereinafter referred as, “secret sharing”).
As a data management system that uses the secret sharing in the related art, the following data management system is known. The data management system in Japanese Patent Unexamined Publication No. 2011-248711 has a service provider system that includes a server apparatus which provides a service to an information processing system for a group of multiple user terminals. The server apparatus has a secret sharing manager, a checker, and management information. The user terminal includes a secret sharing engine.
The secret sharing manager of the server apparatus provides a secret sharing processing service, which includes a function of fragmenting a target document file into smaller pieces using a secret sharing technology, and a function of restoring the document file from the smaller pieces, to a user terminal that belongs to the group. At the time of restoration by secret sharing service processing, the checker performs processing that checks whether or not restoration is approved and thus performs processing that prevents illegitimate restoration. The management information of the server apparatus is information that can be set by the user and includes group information or scope-of-disclosure information. The group information includes an ID, domain information, or IP address information for every group unit. The scope-of-disclosure information results from associating information on a scope of disclosure in units of group with a document file in the group of user terminals.
The secret sharing engine of the user terminal accesses the secret sharing manager of the server apparatus and the secret sharing service processing is applied to the secret sharing engine.
When the document file is restored from the fragments, the information processing system for the group in which the document file is fragmented accesses the server apparatus and transmits request information. The request information includes access source information, and fragment or document file information.
Based on the management information, the checker of the server apparatus determines whether or not an ID, a domain, or an IP address of a group of access sources in the request information is included in a scope of disclosure that is associated with the document file. In a case where the result of the determination by the checker is that the ID, the domain, or the IP address is not included in the scope of disclosure, the secret sharing engine of the server apparatus does not perform the restoration processing of the document file. In a case where the result of the determination by the checker is that the ID, the domain, or the IP address is included in the scope of disclosure, the secret sharing engine performs the restoration processing. In the case where the restoration processing is performed, the information processing system for the group of access sources acquires the restored document file.